Why is Jenkins making temp files that are binaries?

I have an installation of Jenkins on my server I use for continuous integration of a beta website. The configuration is pretty simple, I just use the proper directory in /var/www/ as the workspace, and Git with the Git plugin for source control.

I recently installed CSF on the server, and it keeps reporting the temp files Jenkins is making are 'suspicious'. Here is a log of the most recent report:

Time:   Mon Aug 24 16:11:08 2015 -0400
File:   /tmp/jffi6688931929611009979.tmp
Reason: Linux Binary
Owner:  jenkins:jenkins (112:120)
Action: No action taken

The file in question appears to legitimately be an executable file. My question is, why is Jenkins creating temporary executable files?

Note: The server is 100% PHP based, Jenkins should not create any executables from it!

The files seem to be created whenever Jenkins builds a project, even though the build step just puts the password into the correct config file. Nope, they randomly pop up around twice an hour or so.

file output on one of the files:

$ file /tmp/jffi6688931929611009979.tmp
/tmp/jffi6688931929611009979.tmp: ELF 64-bit LSB  shared object, x86-64, version 1 (SYSV), dynamically linked, not stripped

Plugin list:

• Ant Plugin
• Build Monitor View
• Credentials Binding Plugin
• Credentials Plugin
• CVS Plug-in
• disk-usage plugin
• External Monitor Job Type Plugin
• GIT client plugin
• GIT plugin
• Javadoc Plugin
• JUnit Plugin
• LDAP Plugin
• Mailer Plugin
• Matrix Authorization Strategy Plugin
• Matrix Project Plugin
• Maven Integration plugin
• OWASP Markup Formatter Plugin
• PAM Authentication plugin
• Plain Credentials Plugin
• SCM API Plugin
• Script Security Plugin
• SSH Credentials Plugin
• SSH Slaves plugin
• Translation Assistance plugin
• Windows Slaves Plugin
• Workflow: Step API